CVE-2025-22087

UNKNOWN 0.0

bpf: Fix array bounds error with may_goto

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix array bounds error with may_goto may_goto uses an additional 8 bytes on the stack, which causes the interpreters[] array to go out of bounds when calculating index by stack_size. 1. If a BPF program is rewritten, re-evaluate the stack size. For non-JIT cases, reject loading directly. 2. For non-JIT cases, calculating interpreters[idx] may still cause out-of-bounds array access, and just warn about it. 3. For jit_requested cases, the execution of bpf_func also needs to be warned. So move the definition of function __bpf_prog_ret0_warn out of the macro definition CONFIG_BPF_JIT_ALWAYS_ON.

Vendor	linux
Product	linux
Ecosystems	Linux Kernel
Industries	Technology
Published	Apr 16, 2025
Last Updated	May 11, 2026

Stay Ahead of the Next One

Get instant alerts for linux linux

Be the first to know when new unknown vulnerabilities affecting linux linux are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Linux / Linux

011832b97b311bb9e3c27945bc0d1089a14209c9 < 19e6817f84000d0b06f09fd69ebd56217842c122 011832b97b311bb9e3c27945bc0d1089a14209c9 < 4524b7febdd55fb99ae2e1f48db64019fa69e643 011832b97b311bb9e3c27945bc0d1089a14209c9 < 1a86ae57b2600e5749f5f674e9d4296ac00c69a8 011832b97b311bb9e3c27945bc0d1089a14209c9 < 6ebc5030e0c5a698f1dd9a6684cddf6ccaed64a0

Linux / Linux

6.9

References

NVD ↗ CVE.org ↗ EPSS Data ↗

git.kernel.org: https://git.kernel.org/stable/c/19e6817f84000d0b06f09fd69ebd56217842c122 git.kernel.org: https://git.kernel.org/stable/c/4524b7febdd55fb99ae2e1f48db64019fa69e643 git.kernel.org: https://git.kernel.org/stable/c/1a86ae57b2600e5749f5f674e9d4296ac00c69a8 git.kernel.org: https://git.kernel.org/stable/c/6ebc5030e0c5a698f1dd9a6684cddf6ccaed64a0